prevents specific types of information from moving between the outside world, known as the untrusted network, and the inside world, known as the trusted network

Processing Mode: Packet filtering

firewalls examine the header information of data packets that come into a network. NETWORK LAYER.

Processing Mode: Application Gateway

also known as an application-level firewall or application firewall, is frequently installed on a dedicated computer, separate from the filtering router, but is commonly used in conjunction with a filtering router. APPLICATION, PRESENTATION, AND SESSION LAYERS.

Processing Mode: Circuit gateway

firewall operates at the transport layer. Connections are authorized based on addresses. Doesn't look at the data traffic flowing between one network and another, but does prevent connections between one network and another. TRANSPORT LAYER.

Processing Mode: MAC Layer

designed to operate at the media access control layer of the OSI network model. This gives these firewalls the ability to consider the specific host computer's identity in their filtering decisions. DATA LINK LAYER.

Processing Mode: Hybrid

this type of firewall combines the elements of other types of firewalls.

SOHO

firewall devices, called "broadband gateways," connect the user's local area network or a specific computer system to the Internetworking device.

Packet filtering routers

router used as the interface to the Internet and the perimeter between external and internal networks.

bastion host has two NICs: one connected to the internal network, one connected to the external network. All traffic must go through the firewall with this implementation.

Screened subnet firewalls

dominant architecture used today. Provides a DMZ. The DMZ can be a dedicated port or connected to a subnet.

Best Practices for Firewalls

1. Let trusted network traffic out.
2. The firewall is not directly accessible by the public network.
3. SMTP data can pass through, but should be routed to an SMTP gateway.
4. ICMP data should be denied.
5. Telnet from public networks = blocked.
6. HTTP traffic should be denied from external networks through some form of proxy access.

Content filter

essentially a set of scripts or programs that restricts user access to certain networking protocols and Internet locations

War dialer

an automatic phone-dialing program that dials every number in a configured range and checks to see if a person, machine or modem picks up.

Kerberos

uses symmetric key encryption to validate an individual user to various network resources

VPN

a private and secure network connection between systems that uses the data communication capability of an unsecured and public network

Trusted VPN

uses leased circuits from a service provider and conducts packet switching over these leased circuits.

Secure VPN

uses security protocols and encrypts traffic transmitted across unsecured public networks like the Internet

Hybrid VPN

combination of both types of VPNs.

Keys to VPN

Encapsulation, Encryption, and Authentication

Tunnel mode

the organization establishes two perimeter tunnel servers. These servers serve as the encryption points, encrypting all traffic that will traverse an unsecured network.

Proxy Server

a server (a computer system or an application) that acts as an intermediary for requests from clients seeking resources from other servers

Section 3

The mathematical formula used to convert an unencrypted message into an encrypted message.

Cipher

The transformation of the individual components (characters, bytes, or bits) of an unencrypted message into encrypted components.

Ciphertext

The unintelligible encrypted or encoded message that results from an encryption.

Code

The transformation of the larger components (words or phrases) of an unencrypted message into encrypted components

Decipher

To decrypt or convert ciphertext to plaintext.

Encipher

To encrypt or convert plaintext to ciphertext.

Key

The information used in conjunction with the algorithm to create ciphertext from plaintext.

Plaintext

The original unencrypted message that is encrypted

Symmetric Encryption

uses the same key, also known as a secret key, to encrypt and decrypt a message.

Asymmetric Encryption

another category of encryption techniques also known as public-key encryption.

Public-Key Infrastructure

an integrated system of software, encryption methodologies, protocols, legal agreements, and third-party services that enables users to communicate securely.

Digital signatures

encrypted messages that can be mathematically proven authentic.

Digital certificate

an electronic document, similar to a digital signature, that is attached to a file and certifies that the file is from the organization it claims to be from and has not been modified from the original format.

S-HTTP

an extended version of the Hypertext Transfer Protocol that provides for the encryption of individual messages between a client and server across the Internet

SSL

a protocol that uses public-key encryption to secure a channel over the public Internet, thus enabling secure communications.

PGP

developed by Phil Zimmermann; uses the IDEA cipher along with RSA for key exchange.

Dictionary Attacks

the attacker encrypts every word in a dictionary using the same cryptosystem as used by the target.